<?php

$o = f()->users()->user($param);
if ($o === null) {
	echo 'Unknown user.';
} else {
	$form = f()->users()->user_form('password');
	$form->load($o);
	if ($form->submitted()) {
		$current_password = $form->value('current_password');
		if ($current_password === '***' || $o->check_password($current_password)) {
			$o->change_password($form->value('password1'));
		}
		$o->save();
		$this->redirect('@users');
	} else {
		$form->render();
	}
}